Jan 24, 2018

GitHub has launched a new security alerts feature which will scan a project's dependencies for known vulnerabilities.

Start using security alerts

Whether your projects are private or public, security alerts get vital vulnerability information to the right people on your team.

Enable your dependency graph

Public repositories will automatically have your dependency graph and security alerts enabled. For private repositories, you’ll need to opt in to security alerts in your repository settings or by allowing access in the Dependency graph section of your repository’s Insights tab.